/**
* Creating DiskEncryptionInfo for A2A encrypted Vm.
*/
private DiskEncryptionInfo A2AEncryptionDetails()
{
// Checking if any encryption data is present then the only creating DiskEncryptionInfo.
if (this.IsParameterBound(c => c.DiskEncryptionSecretUrl) ||
this.IsParameterBound(c => c.DiskEncryptionVaultId) ||
this.IsParameterBound(c => c.KeyEncryptionKeyUrl) ||
this.IsParameterBound(c => c.KeyEncryptionVaultId))
{
DiskEncryptionInfo diskEncryptionInfo = new DiskEncryptionInfo();
// BEK DATA is present
if (this.IsParameterBound(c => c.DiskEncryptionSecretUrl) && this.IsParameterBound(c => c.DiskEncryptionVaultId))
{
diskEncryptionInfo.DiskEncryptionKeyInfo = new DiskEncryptionKeyInfo(this.DiskEncryptionSecretUrl, this.DiskEncryptionVaultId);
// KEK Data is present in pair.
if (this.IsParameterBound(c => c.KeyEncryptionKeyUrl) && this.IsParameterBound(c => c.KeyEncryptionVaultId))
{
diskEncryptionInfo.KeyEncryptionKeyInfo = new KeyEncryptionKeyInfo(this.KeyEncryptionKeyUrl, this.KeyEncryptionVaultId);
}
}
else
{
throw new Exception("Provide Disk DiskEncryptionSecretUrl and DiskEncryptionVaultId.");
}
return(diskEncryptionInfo);
}
return(null);
}
/*
* Creating DiskEncryptionInfo for A2A provider.
*/
private DiskEncryptionInfo A2AEncryptionDetails(ReplicationProviderSpecificSettings provider)
{
// Checking if any encryption data is present then the only creating DiskEncryptionInfo.
if (this.IsParameterBound(c => c.DiskEncryptionSecretUrl) ||
this.IsParameterBound(c => c.DiskEncryptionVaultId) ||
this.IsParameterBound(c => c.KeyEncryptionKeyUrl) ||
this.IsParameterBound(c => c.KeyEncryptionVaultId))
{
// Non A2A scenario
if (!(provider is A2AReplicationDetails))
{
throw new Exception(
"DiskEncryptionSecretUrl,DiskEncryptionVaultId,KeyEncryptionKeyUrl,KeyEncryptionVaultId " +
"is used for updating Azure to Azure replication");
}
DiskEncryptionInfo diskEncryptionInfo = new DiskEncryptionInfo();
// BEK DATA is present
if (this.IsParameterBound(c => c.DiskEncryptionSecretUrl) && this.IsParameterBound(c => c.DiskEncryptionVaultId))
{
diskEncryptionInfo.DiskEncryptionKeyInfo = new DiskEncryptionKeyInfo(this.DiskEncryptionSecretUrl, this.DiskEncryptionVaultId);
// KEK Data is present in pair.
if (this.IsParameterBound(c => c.KeyEncryptionKeyUrl) && this.IsParameterBound(c => c.KeyEncryptionVaultId))
{
diskEncryptionInfo.KeyEncryptionKeyInfo = new KeyEncryptionKeyInfo(this.KeyEncryptionKeyUrl, this.KeyEncryptionVaultId);
}
}
else
{
throw new Exception("Provide Disk DiskEncryptionSecretUrl and DiskEncryptionVaultId.");
}
return(diskEncryptionInfo);
}
return(null);
}
/// <summary>
/// Creating DiskEncryptionInfo for A2A encrypted Vm.
/// </summary>
/// <param name="diskEncryptionSecretUrl">Secret identifier.</param>
/// <param name="diskEncryptionVaultId">Secret KeyVault.</param>
/// <param name="keyEncryptionKeyUrl">Key identifier.</param>
/// <param name="keyEncryptionVaultId">Key KeyVault.</param>
/// <returns>DiskEncryptionInfo object.</returns>
public static DiskEncryptionInfo A2AEncryptionDetails(
string diskEncryptionSecretUrl,
string diskEncryptionVaultId,
string keyEncryptionKeyUrl,
string keyEncryptionVaultId)
{
DiskEncryptionInfo diskEncryptionInfo = null;
if (!string.IsNullOrEmpty(diskEncryptionSecretUrl) &&
!string.IsNullOrEmpty(diskEncryptionVaultId))
{
diskEncryptionInfo = new DiskEncryptionInfo
{
DiskEncryptionKeyInfo =
new DiskEncryptionKeyInfo(diskEncryptionSecretUrl, diskEncryptionVaultId)
};
if (!string.IsNullOrEmpty(keyEncryptionKeyUrl) &&
!string.IsNullOrEmpty(keyEncryptionVaultId))
{
diskEncryptionInfo.KeyEncryptionKeyInfo =
new KeyEncryptionKeyInfo(keyEncryptionKeyUrl, keyEncryptionVaultId);
}
else if (!string.IsNullOrEmpty(keyEncryptionKeyUrl) ||
!string.IsNullOrEmpty(keyEncryptionVaultId))
{
throw new Exception("Provide both keyEncryptionKeyUrl and keyEncryptionVaultId.");
}
}
else if (!string.IsNullOrEmpty(diskEncryptionSecretUrl) ||
!string.IsNullOrEmpty(diskEncryptionVaultId))
{
throw new Exception("Provide both diskEncryptionSecretUrl and diskEncryptionVaultId.");
}
return(diskEncryptionInfo);
}
